18 June, 2015
The Information Commissioner's Office (ICO) has been increasingly active in enforcing the Data Protection Act and many public bodies have been in its sights.
It has enforced penalties of up to £200,000 for data security breaches including allowing customer information to be hacked and for selling a computer with personal information left on the hard drive.
The Data Protection Act sets out principles and rules for organisations holding personal iformation and rights for the individuals whose data they hold. In the schools sector there are additional rules dealing with educational records, exams and safeguarding to take into account as well.
Solid policies and procedures and suitable training and awareness among staff are what the ICO wants to see if it investigates a complaint.
The recent run of penalties and other enforcement actions show that organisations without those measures in place might pay a heavy price.
Forbes can assist with reviews of documents and procedures and also by providing training sessions for staff and governors. For more information please contact Daniel Milnes on 01254 222313.